Is there a way to receive an additional parameter in the OAuth2 token endpoint?

Question

I'm using Spring Authorization Server in order to implement an OAuth2 Authorization Server. Before switching to this library, I was using Spring Security Authorization server with spring-security-oauth2-autoconfigure. With this I could customize the token endpoint in order to receive an additional parameter in the token endpoint (with the support of this Spring OAuth2 Generate Access Token per request to the Token Endpoint).

I achieved this by implementing the AuthenticationKeyGenerator interface. In this implementation I designed the authorization server to issue tokens based on the user credentials (username and password) and on an additional parameter.

Is there a way to customize this new spring authorization server in order to receive an additional parameter when using the client_credentials grant_type, i.e. receive in the token endpoint the grant_type, client_id, client_secret and an additional parameter and issue an access token associated to these three elements?

Until now I've created a CustomAuthenticationConverter implementing AuthenticationConverter, and a CustomOAuth2AccessTokenGenerator implementing OAuth2TokenGenerator<OAuth2AccessToken>.

Is this the right path to achieve this?

Answer 1

I found a way to propagate the additional parameter received in the token endpoint request by configuring an accessTokenRequestConverter. With this I obtain the additional parameter from the HTTP request (POST to the token endpoint) and I propagate it until including it in the token itself. Beyond the accessTokenRequestConverter, I also configured an authenticationProvider and finally a CustomTokenGenerator. I pass the additional parameter through the first two, and then I include it in the token, when the generation occurs in the CustomTokenGenerator.